1 files changed, 45 insertions, 16 deletions

diff --git a/src/abslibre-tools/librerelease b/src/abslibre-tools/librerelease
index aff13fa..540472c 100755
--- a/src/abslibre-tools/librerelease
+++ b/src/abslibre-tools/librerelease
@@ -4,6 +4,21 @@
 
 # Copyright 2010 Nicolás Reynolds
 # Copyright 2013 Luke Shumaker
+# For just the create_signature() function:
+#   Copyright (c) 2006-2013 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2002-2006 by Judd Vinet <jvinet@zeroflux.org>
+#   Copyright (c) 2005 by Aurelien Foret <orelien@chez.com>
+#   Copyright (c) 2006 by Miklos Vajna <vmiklos@frugalware.org>
+#   Copyright (c) 2005 by Christian Hamar <krics@linuxforum.hu>
+#   Copyright (c) 2006 by Alex Smith <alex@alex-smith.me.uk>
+#   Copyright (c) 2006 by Andras Voroskoi <voroskoi@frugalware.org>
+#   Copyright (c) 2006-2013 Pacman Development Team <pacman-dev@archlinux.org>
+#   Copyright (c) 2002-2006 by Judd Vinet <jvinet@zeroflux.org>
+#   Copyright (c) 2005 by Aurelien Foret <orelien@chez.com>
+#   Copyright (c) 2006 by Miklos Vajna <vmiklos@frugalware.org>
+#   Copyright (c) 2005 by Christian Hamar <krics@linuxforum.hu>
+#   Copyright (c) 2006 by Alex Smith <alex@alex-smith.me.uk>
+#   Copyright (c) 2006 by Andras Voroskoi <voroskoi@frugalware.org>
 #
 # This file is part of Parabola.
 #
@@ -44,6 +59,27 @@ function list_packages {
 	done
 }
 
+# This function is taken almost verbatim from makepkg
+create_signature() {
+	local ret=0
+	local filename="$1"
+	msg "$(gettext "Signing package...")"
+
+	local SIGNWITHKEY=""
+	if [[ -n $GPGKEY ]]; then
+		SIGNWITHKEY="-u ${GPGKEY}"
+	fi
+	# The signature will be generated directly in ascii-friendly format
+	gpg --detach-sign --use-agent ${SIGNWITHKEY} "$filename" &>/dev/null || ret=$?
+
+
+	if (( ! ret )); then
+		msg2 "$(gettext "Created signature file %s.")" "$filename.sig"
+	else
+		warning "$(gettext "Failed to sign package file.")"
+	fi
+}
+
 function sign_packages {
 	if [ -z "${GPG_AGENT_INFO}" ]; then
 		warning "It's better to use gpg-agent to sign packages in batches"
@@ -51,27 +87,18 @@ function sign_packages {
 
 	find "${WORKDIR}/staging/" -type f -iname '*.pkg.tar.?z' -printf '%h/%f\n' |
 	while read -r package; do
-		if [ -f "${package}${SIGEXT}" ]; then
-
-			warning "Package signature found, verifying..."
+		if [ -f "${package}.sig" ]; then
+			msg2 "Package signature found, verifying..."
 
 			# Verify that the signature is correct, else remove for re-signing
-			if ! gpg --quiet --verify "${package}${SIGEXT}" >/dev/null 2>&1; then
+			if ! gpg --quiet --verify "${package}.sig" >/dev/null 2>&1; then
 				error "Failed! Re-signing..."
-				rm -f "${package}${SIGEXT}"
+				rm -f "${package}.sig"
 			fi
 		fi
 
-		if ! [ -f "${package}${SIGEXT}" ]; then
-			msg2 "Signing ${package}..."
-			if ! gpg \
-				--default-key "${SIGID}" \
-				--output "${package}${SIGEXT}" \
-				--detach-sig "${package}"
-			then
-				error "Signing failed"
-				return 2
-			fi
+		if ! [ -f "${package}.sig" ]; then
+			create_signature "$package" || return 2
 		fi
 	done
 }
@@ -123,8 +150,10 @@ function main {
 		return 0
 	fi
 
+	load_files makepkg
+	check_vars makepkg GPGKEY
 	load_files libretools
-	check_vars libretools WORKDIR PARABOLAHOST LIBREDESTDIR SIGID SIGEXT || return 1
+	check_vars libretools WORKDIR PARABOLAHOST LIBREDESTDIR || return 1
 	# The following variables are actually optional
 	#check_vars libretools HOOKPRERELEASE HOOKPOSTRELEASE || return 1